On 24/04/2020, 22:35, "Eric Rescorla" <e...@rtfm.com> wrote: > On Fri, Apr 24, 2020 at 2:29 PM chris - <chrispat...@gmail.com> wrote: > > I would need to study the specs in order to provide an intelligent > > answer here. Off the hip, it would seem to depend on how the > > boundaries between record headers and ciphertexts are determined. > > Taking a quick look at draft-37, Fig. 4: the "full" header includes > > three values that are excluded from the "minimal" header, the length > > of the ciphertext being one of the fields. Presumably, when using > > the "minimal" header, the length is a parameter that the sender and > > receiver already agree on. > > Yes. It's "the rest of the UDP datagram".
I might be missing something but this doesn't look to me like the definition of "agreed upon" by the TLS principals: an attacker can modify what "the rest of the datagram" is at will, no? IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
